Cisco introduces CCIE Security 400-251 V5.0 Written and Lab ExamPaul Adam
Cisco just published yet another update to CCIE Security Written and lab exams dubbed as Exam 400-251 (v5.0). It is quiet interesting to see another update rolling out on the back of an older one (350-018 V4.1) which took effect from July 25th 2016! Yet another interesting thing to see is v5.0 also implies changes to Cisco Security Lab exam as well.
Nonetheless, I am excited to see that Cisco is aggressively updating the exam blueprint to keep pace with the changes taking place in the security and networking industries. As I scanned through the changes in the official Cisco announcement, I noticed the following key areas that are worth noting.
- As we know, Cisco is an acquisition machine and recently snapped up Lancope (NBA/NetFlow), OpenDNS (cloud-delivered security), and SourceFire (FirePower product line) security companies. Both newly acquired and organically built (ex. ACI)products and solutions are now part of the new CCIE Security blueprint (v5.0)
- Overall exam blueprint now seems more consolidated (8 versus 6 exam sections)
- Identity Management, Information Exchange, and Access Control is the largest content contributor to the exam now (22% and 24% of the written and lab exams respectively)
- Security infrastructure products for perimeter security and intrusion prevention is the second largest content area when it comes written and lab exam content (21% and 23% of the written and lab exams respectively)
- It seems finally all of the VPN content is now consolidated into Secure Connectivity and Segmentation area (17% and 19% of the written and lab exams respectively)
- Infrastructure Security, Virtualization, and Automation now includes Cisco ACI and virtualized security domain
- There is no change to Evolving Technologies section across v4.1 and v5.0 exam blueprint. It continues to include SDN, Cloud and Internet of Things (IoT)
- Last but not least, Cisco also seems to be stepping up on transparency around the CCIE exam content with a lot of details for each section.
|CCIE Security V5.0 (takes effect on Jan 31 2017)||Domain Description||Written Exam %|
|Perimeter Security and Intrusion Prevention||Cisco FirePOWER, Cisco ASA, Cisco IOS ZBFW, DDoS Mitigation||21%|
|Advanced Threat Protection and Content Security||AMP Solutions and Security Protocols||17%|
|Secure Connectivity and Segmentation||IKE/IPSec, TrustSec, GETVPN, DMVPN, FlexVPN, Security protocols and algorithms||17%|
|Identity Management, Information Exchange, and Access Control||ISE, RADIUS/TACACS+, WLAN Security and Protocols||22%|
|Infrastructure Security, Virtualization, and Automation||Attacks, Cisco ACI, standard bodies, Cisco DNA/SAFE, NetFlow, ACLs etc.||13%|
|Evolving Technologies||Cloud, SDN, IoT||10%|
Do you believe that Cisco got the exam blueprint changes right? Share your take with us in the comments.
For more details, you can refer to the official Cisco announcement here.